Incident reporting

02/03/2015, by
Jesús Díaz (INCIBE).
In this post, we summarize the main features of Valgrind, the quintessentila debugging and C/C++ code optimization tool. Valgrind is certainly a tool that every C/C++ programmer should have in his/her programming toolkit, in order to reduce the presence of code vulnerabilities.

26/02/2015, by
David Cantón (INCIBE).
Denial-of-Service
(DoS) attacks are one of the most frequent types of security
incident and continue to be used extensively. In many cases,
carrying out a denial-of-service attack does not require advanced
knowledge. Some examples of this sort of aggression would be the
attack suffered by 19,000 French web-sites in the context of
the deadly assault on the premises of the satirical...

24/02/2015, by
Miguel Herrero (INCIBE).
Until 9 March 2015 there is a period during which the draft of the second revision of the Guide to Industrial Control System (ICS) Security published by the American National Institute of Standards and Technology (NIST) is open for the submission of comments by the public. This guide is intended to increase the security of ICS, including their supervisory control and data acquisition (SCADA)...

17/02/2015, by
Miguel Herrero (INCIBE).
Industrial Control Systems (ICS) encompass several types of systems designed to control and automate industrial processes. From controlling the temperature of an oven to the movement of a conveyer belt in a factory.
A simplified and typical view of the architecture of ICS could be made up of the following elements.
Sensors: They receive information from the physical world and translate it...